Upvote Upvoted 42 Downvote Downvoted
TF2 and CS:GO source code leaked
posted in News
Connie
April 22, 2020

UPDATE: The TF2 team has released a series of tweets giving TF2 a similar all-clear to the CS:GO tweet earlier in the day.

Earlier today, the source code behind a November 2017 version of Team Fortress 2 and a May 2017 version of CS:GO was posted on the popular internet forum 4chan. Maxx, a former member of a Source engine modding and development group called Lever Softworks, allegedly released the code after being removed for reports of racist, homophobic, and transphobic behavior. While working on a recreation of cancelled Valve concept project F-STOP in May of 2018, the group was one of many given access to the code by a malicious party with intent to damage Valve Corporation. More information on the Lever Softworks situation can be found in this Twitter thread.

There are currently several reports of players experiencing Remote Code Execution (RCE) exploits, in which attackers are able to gain access to victims' computers, install malware, and run code through a server connection. There are also reports indicating that through the source code leak attackers are also able to gain access to items through the games' interactions with the Steam API. At the time of writing, these reports are currently unconfirmed and entirely speculative; however, users are still advised to proceed with caution while launching either game.

Do I need to uninstall Team Fortress 2 and CS:GO?

No.

Is there an Remote Code Execution (RCE) in Team Fortress 2 right now?

Unfortunately, RCE exploits exist everywhere; the real question is if one has been found yet. While source code will make it easier to discover and test RCE exploits, a source code release does not necessarily guarantee that one will be found immediately. Additionally, many sources have claimed that this build has been circulated internally among bad actors for the past year. Given the severity of the RCE being touted, it's unlikely that such an exploit will be unleashed maliciously unto the public, given Valve's generous bug bounty program.

Has the Steam API been hacked?

No. The code included in the leak was the TF2 client code, which merely interacts with TF2 servers. The client code does not easily allow users to give themselves items and provides few clues regarding the inner workings of the TF2 item server. For more information, we recommend reading Marketplace.tf's write-up.

This story is in ongoing development and will be updated with more information as it becomes available. Stay tuned to teamfortress.tv for more updates.

1
#1
49 Frags +

I'm out of money and lost my job because of coronavirus, but managed to buy a new pc just before the shit hit the fan to get back to tf2 after 2 inactive years and sit my ass out with old online-buddies in old online-game. And now it's gone, too. It's so surreal, i'm actually going crazy.

I'm out of money and lost my job because of coronavirus, but managed to buy a new pc just before the shit hit the fan to get back to tf2 after 2 inactive years and sit my ass out with old online-buddies in old online-game. And now it's gone, too. It's so surreal, i'm actually going crazy.
2
#2
-9 Frags +

i read somewhere that the person making this tweets is the actual leaker and has been known for doing things like this in the past, take the twitter with a serious amount of salt

i read somewhere that the person making this tweets is the actual leaker and has been known for doing things like this in the past, take the twitter with a serious amount of salt
3
#3
7 Frags +
saci read somewhere that the person making this tweets is the actual leaker and has been known for doing things like this in the past, take the twitter with a serious amount of salt

I'd take what you heard with an actual grain of salt. Jaycie's thread checks out with what I've read on 4chan and comments and discoveries from other people. Additionally, you can just take a look at the replies to the thread to see why someone would cast doubt on Jaycie's claims.

[quote=sac]i read somewhere that the person making this tweets is the actual leaker and has been known for doing things like this in the past, take the twitter with a serious amount of salt[/quote]

I'd take what you heard with an actual grain of salt. Jaycie's thread checks out with what I've read on 4chan and comments and discoveries from other people. Additionally, you can just take a look at the replies to the thread to see why someone would cast doubt on Jaycie's claims.
4
#4
-3 Frags +
bleghfarecsaci read somewhere that the person making this tweets is the actual leaker and has been known for doing things like this in the past, take the twitter with a serious amount of salt
I'd take what you heard with an actual grain of salt. Jaycie's thread checks out with what I've read on 4chan and comments and discoveries from other people. Additionally, you can just take a look at the replies to the thread to see why someone would cast doubt on Jaycie's claims.

its not because a bunch of retarded 4channers are going nuts in replies that the person they are replying to is an angel. there is a sword of damocles hanging above jaycie's head for her crimes too.

[quote=bleghfarec][quote=sac]i read somewhere that the person making this tweets is the actual leaker and has been known for doing things like this in the past, take the twitter with a serious amount of salt[/quote]

I'd take what you heard with an actual grain of salt. Jaycie's thread checks out with what I've read on 4chan and comments and discoveries from other people. Additionally, you can just take a look at the replies to the thread to see why someone would cast doubt on Jaycie's claims.[/quote]
its not because a bunch of retarded 4channers are going nuts in replies that the person they are replying to is an angel. there is a sword of damocles hanging above jaycie's head for her crimes too.
5
#5
Spaceship Servers
5 Frags +

https://twitter.com/CSGO/status/1253075594901774336

no tf2 tweet ?

https://twitter.com/CSGO/status/1253075594901774336

no tf2 tweet ?
6
#6
43 Frags +

dw the tf2 tweet will come in 2 weeks

dw the tf2 tweet will come in 2 weeks
7
#7
5 Frags +

https://www.ign.com/articles/valve-counter-strike-source-code-leak-no-danger

IGN doesn't consider TF2 better than CSGO, OW, or Fortnite

https://www.ign.com/articles/valve-counter-strike-source-code-leak-no-danger

IGN doesn't consider TF2 better than CSGO, OW, or Fortnite
8
#8
5 Frags +

https://twitter.com/garrynewman/status/1253074189600395271

https://twitter.com/garrynewman/status/1253074189600395271
9
#9
0 Frags +

what should we do in the meantime? not play?

what should we do in the meantime? not play?
10
#10
8 Frags +

[PSA] Its very likely safe to play TF2 right now. An RCE existing is extremely unlikely.

First of all, the source code being leaked doesnt mean much when it has been known by hackers for ages, which was the source of the lag/crash bots. If an RCE exploit existed, it would've been used a long time ago, or would've been reported to valve for a couple thousand dollars.

Interesting links:

A take from a professional, who has earned a lot of money finding 0-day exploits in programs such as Filezilla

Teamwork.tf's opinion on the situation

However, it is not unwise to just wait out an official response from the TF2 team, much like we did with the official CS:GO twitter account.

Also for those unaware, it has been proven that the images that were shown here a while back where a pop-up saying that cathook was getting into your account were fake.

Also this: Apparently the leaked code isn't strictly TF2 source code, but just code shared by TF2 and csgo -> Posted by a Steam community forum mod

[b][PSA] Its very likely safe to play TF2 right now. An RCE existing is extremely unlikely.[/b]

First of all, the source code being leaked doesnt mean much when it has been known by hackers for ages, which was the source of the lag/crash bots. If an RCE exploit existed, it would've been used a long time ago, or would've been reported to valve for a couple thousand dollars.

Interesting links:

[url=https://soatok.blog/2020/04/22/source-code-leak-is-effectively-meaningless-to-endpoint-security/amp/]A take from a professional[/url], [url=https://hackerone.com/soatok]who has earned a lot of money finding 0-day exploits in programs such as Filezilla[/url]

[url=https://twitter.com/TF2teamwork/status/1253075601575104513]Teamwork.tf's opinion on the situation[/url]

However, it is not unwise to just wait out an official response from the TF2 team, [url=https://twitter.com/CSGO/status/1253075594901774336]much like we did with the official CS:GO twitter account.[/url]

Also for those unaware, it has been proven that the images that were shown here a while back where a pop-up saying that cathook was getting into your account were fake.

Also this: [url=https://steamcommunity.com/app/440/discussions/0/2270320616957466159/]Apparently the leaked code isn't strictly TF2 source code, but just code shared by TF2 and csgo[/url] -> Posted by a Steam community forum mod
11
#11
31 Frags +
PumA take from a professional, who has earned a lot of money finding 0-day exploits in programs such as Filezilla

https://i.gyazo.com/4f9f113f3d5064db3498931baf8b17a3.png

[quote=Pum][url=https://soatok.blog/2020/04/22/source-code-leak-is-effectively-meaningless-to-endpoint-security/amp/]A take from a professional[/url], [url=https://hackerone.com/soatok]who has earned a lot of money finding 0-day exploits in programs such as Filezilla[/url][/quote]
[img]https://i.gyazo.com/4f9f113f3d5064db3498931baf8b17a3.png[/img]
12
#12
24 Frags +
trippaPumA take from a professional, who has earned a lot of money finding 0-day exploits in programs such as Filezillahttps://i.gyazo.com/4f9f113f3d5064db3498931baf8b17a3.png

Yes apparently there are a lot of furries on the IT and InfoSec industry, doesnt make his opinion less valid, especially if you follow the second link after the comma.

[quote=trippa][quote=Pum][url=https://soatok.blog/2020/04/22/source-code-leak-is-effectively-meaningless-to-endpoint-security/amp/]A take from a professional[/url], [url=https://hackerone.com/soatok]who has earned a lot of money finding 0-day exploits in programs such as Filezilla[/url][/quote]
[img]https://i.gyazo.com/4f9f113f3d5064db3498931baf8b17a3.png[/img][/quote]

Yes apparently there are a lot of furries on the IT and InfoSec industry, doesnt make his opinion less valid, especially if you follow the second link after the comma.
13
#13
17 Frags +

the most important bit of code in the leak

void CTFBottle::Smack( void )
{
    BaseClass::Smack();

    if ( ConnectedHit() && IsCurrentAttackACrit() )
    {
        m_bBroken = true;
        SwitchBodyGroups();
    }
}
the most important bit of code in the leak
[code]void CTFBottle::Smack( void )
{
BaseClass::Smack();

if ( ConnectedHit() && IsCurrentAttackACrit() )
{
m_bBroken = true;
SwitchBodyGroups();
}
}[/code]
14
#14
EssentialsTF
10 Frags +

https://twitter.com/TeamFortress/status/1253186403900420098?s=19

https://twitter.com/TeamFortress/status/1253186403900420098?s=19
15
#15
14 Frags +

https://youtu.be/l4Z--krDXM4?t=78

https://youtu.be/l4Z--krDXM4?t=78
Please sign in through STEAM to post a comment.